Job Specifications
Senior GRC InfoSec Analyst
Direct Hire (No C2C or third-party submissions)
Location: Plano 75093
Schedule: 2 days onsite weekly
Interview Process: 1st round is onsite; 2nd round virtual
Summary
Responsible for driving the development, implementation, communication, and maintenance of technology policies, standards, and procedures that align with industry standards and regulatory requirements. Ensures technology processes adhere to regulatory requirements, effectively manage risks, and establish strong governance practices. Develops and implements controls, monitors compliance, and supports risk management activities.
Requirements:
Bachelor’s Degree in Information Security, Computer Science, Information Technology, or a related field preferred.
Minimum of six (6)+ years’ experience working in Cybersecurity GRC, policy development, risk management, or a similar field.
Experience with GRC tools (e.g., Archer, ServiceNow, OneTrust).
Proficiency in using data analysis and reporting tools (e.g., Excel, Power BI).
Relevant certifications such as CISM and/or CISA are highly desirable.
Other must haves:
Experience managing policy governance function such as leading policy updates, installing new policy, aligning regulatory & best practices
Technical Process – needs expertise around understanding of alignment & frameworks and will be working with Product Owner
Regulatory Frameworks
Preferred:
Financial services or banking background
ServiceNow IRM (Integrated Risk Management) experience
Duties:
Lead the development and implementation of comprehensive cybersecurity and IT policies, standards, and guidelines.
Continuously evaluate and update cybersecurity and IT policies to ensure they remain current and effective.
Ensure policies comply with relevant laws, regulations, and industry standards (e.g., NIST, FFIEC, GLBA, NYDFS, SOX, PCI-DSS).
Collaborate with cross-functional teams—including IT, legal, compliance, and other departments—to ensure cybersecurity policies align with business objectives.
Translate complex information and documentation into clear, user-friendly concepts.
Provide specialized expertise and consultation to perform framework-oriented risk assessments, identify deficiencies, generate reports, and recommend prioritized, actionable solutions to mitigate risks and enhance overall security posture.
Stay informed about the latest cybersecurity threats, trends, and best practices. Maintain accurate and up-to-date records of policy reviews, risk assessments, training activities, and incident responses.
Benchmark organizational policies against industry standards and best practices.
Develop and implement governance frameworks for cybersecurity policy management.
Monitor key performance indicators, conduct gap analyses and risk assessments, and implement frameworks as needed. Test and monitor the effectiveness of controls.
Establish feedback loops and analyze metrics to continuously improve cybersecurity policies based on audit findings, incident reviews, and emerging threats.
Lead and support internal and external audits and assessments of cybersecurity policies and practices. Ensure identified audit and assessment findings are tracked to closure.
Maintain comprehensive documentation of all cybersecurity policies, procedures, and related activities. Communicate policy requirements and updates to all relevant stakeholders.
Identify opportunities for innovation and improvement in cybersecurity policy and practice. Propose suitable mitigation strategies and verify the effectiveness of remediation plans.
About the Company
The Intersect Group is a nationwide staffing company specializing in Information Technology, Accounting, and Finance. We offer tailored solutions to address your critical personnel needs through contract, contract-to-hire, and direct hire services.
We believe building relationships first is the key to creating shared success with our Colleagues, Clients, Consultants, Candidates, and our Community. We are driven to serve all of those we are privileged to work alongside and understand establishing and maintaining trust is the...
Know more